Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-04-18MorphisecArnold Osipov, Michael Dereviashkin
@online{osipov:20230418:what:516436d, author = {Arnold Osipov and Michael Dereviashkin}, title = {{What Makes Invalid Printer Loader So Stealthy?}}, date = {2023-04-18}, organization = {Morphisec}, url = {https://blog.morphisec.com/in2al5d-p3in4er}, language = {English}, urldate = {2023-04-22} } What Makes Invalid Printer Loader So Stealthy?
Aurora
2023-03-07MorphisecArnold Osipov
@online{osipov:20230307:sys01:675aea6, author = {Arnold Osipov}, title = {{SYS01 Stealer}}, date = {2023-03-07}, organization = {Morphisec}, url = {https://blog.morphisec.com/sys01stealer-facebook-info-stealer}, language = {English}, urldate = {2023-03-13} } SYS01 Stealer
2022-12-07MorphisecMorphisec Labs
@online{labs:20221207:new:b712384, author = {Morphisec Labs}, title = {{New Babuk Ransomware Found in Major Attack}}, date = {2022-12-07}, organization = {Morphisec}, url = {https://blog.morphisec.com/babuk-ransomware-variant-major-attack}, language = {English}, urldate = {2022-12-29} } New Babuk Ransomware Found in Major Attack
Babuk
2022-09-22MorphisecMorphisec Labs
@online{labs:20220922:watch:0f6c6c3, author = {Morphisec Labs}, title = {{Watch Out For The New NFT-001}}, date = {2022-09-22}, organization = {Morphisec}, url = {https://blog.morphisec.com/nft-malware-new-evasion-abilities}, language = {English}, urldate = {2022-11-21} } Watch Out For The New NFT-001
Eternity Stealer Remcos
2022-08-11MorphisecHido Cohen, Arnold Osipov
@online{cohen:20220811:aptc35:bc731cd, author = {Hido Cohen and Arnold Osipov}, title = {{APT-C-35 GETS A NEW UPGRADE}}, date = {2022-08-11}, organization = {Morphisec}, url = {https://blog.morphisec.com/apt-c-35-new-windows-framework-revealed}, language = {English}, urldate = {2023-04-25} } APT-C-35 GETS A NEW UPGRADE
Unidentified 102 (Donot)
2022-05-12MorphisecHido Cohen
@online{cohen:20220512:new:6e12278, author = {Hido Cohen}, title = {{New SYK Crypter Distributed Via Discord}}, date = {2022-05-12}, organization = {Morphisec}, url = {https://blog.morphisec.com/syk-crypter-discord}, language = {English}, urldate = {2022-06-09} } New SYK Crypter Distributed Via Discord
AsyncRAT Ave Maria Nanocore RAT NjRAT Quasar RAT RedLine Stealer
2022-04-25MorphisecMorphisec Labs
@online{labs:20220425:new:7b1c795, author = {Morphisec Labs}, title = {{New Core Impact Backdoor Delivered Via VMware Vulnerability}}, date = {2022-04-25}, organization = {Morphisec}, url = {https://blog.morphisec.com/vmware-identity-manager-attack-backdoor}, language = {English}, urldate = {2022-04-29} } New Core Impact Backdoor Delivered Via VMware Vulnerability
Cobalt Strike JSSLoader
2022-04-05MorphisecMichael Dereviashkin
@online{dereviashkin:20220405:new:2f2f8a9, author = {Michael Dereviashkin}, title = {{New Analysis: The CaddyWiper Malware Attacking Ukraine}}, date = {2022-04-05}, organization = {Morphisec}, url = {https://blog.morphisec.com/caddywiper-analysis-new-malware-attacking-ukraine}, language = {English}, urldate = {2022-04-07} } New Analysis: The CaddyWiper Malware Attacking Ukraine
CaddyWiper
2022-03-30MorphisecHido Cohen
@online{cohen:20220330:new:b2abe2b, author = {Hido Cohen}, title = {{New Wave Of Remcos RAT Phishing Campaign}}, date = {2022-03-30}, organization = {Morphisec}, url = {https://blog.morphisec.com/remcos-trojan-analyzing-attack-chain}, language = {English}, urldate = {2022-03-31} } New Wave Of Remcos RAT Phishing Campaign
Remcos
2022-03-29MorphisecArnold Osipov
@online{osipov:20220329:exclusive:37a9d8b, author = {Arnold Osipov}, title = {{Exclusive Threat Research: Mars (Stealer) Attacks!}}, date = {2022-03-29}, organization = {Morphisec}, url = {https://blog.morphisec.com/threat-research-mars-stealer}, language = {English}, urldate = {2022-03-31} } Exclusive Threat Research: Mars (Stealer) Attacks!
Mars Stealer
2022-03-23MorphisecHido Cohen
@online{cohen:20220323:new:7356088, author = {Hido Cohen}, title = {{New JSSLoader Trojan Delivered Through XLL Files}}, date = {2022-03-23}, organization = {Morphisec}, url = {https://blog.morphisec.com/new-jssloader-trojan-delivered-through-xll-files}, language = {English}, urldate = {2022-03-25} } New JSSLoader Trojan Delivered Through XLL Files
JSSLoader
2022-02-14MorphisecHido Cohen, Arnold Osipov
@techreport{cohen:20220214:journey:6c209dc, author = {Hido Cohen and Arnold Osipov}, title = {{Journey of a Crypto Scammer - NFT-001}}, date = {2022-02-14}, institution = {Morphisec}, url = {https://blog.morphisec.com/hubfs/Journey%20of%20a%20Crypto%20Scammer%20-%20NFT-001%20%7C%20Morphisec%20%7C%20Threat%20Report.pdf}, language = {English}, urldate = {2022-02-19} } Journey of a Crypto Scammer - NFT-001
AsyncRAT BitRAT Remcos
2022-01-28MorphisecMorphisec Labs
@online{labs:20220128:log4j:ee487ec, author = {Morphisec Labs}, title = {{Log4j Exploit Hits Again: Vulnerable Unifi Network Application (Ubiquiti) at Risk}}, date = {2022-01-28}, organization = {Morphisec}, url = {https://blog.morphisec.com/log4j-exploit-targets-vulnerable-unifi-network-applications}, language = {English}, urldate = {2022-02-02} } Log4j Exploit Hits Again: Vulnerable Unifi Network Application (Ubiquiti) at Risk
Cobalt Strike
2022-01-25MorphisecMichael Dereviashkin
@online{dereviashkin:20220125:new:18be3b6, author = {Michael Dereviashkin}, title = {{New Threat Campaign Identified: AsyncRAT Introduces a New Delivery Technique}}, date = {2022-01-25}, organization = {Morphisec}, url = {https://blog.morphisec.com/asyncrat-new-delivery-technique-new-threat-campaign}, language = {English}, urldate = {2022-01-28} } New Threat Campaign Identified: AsyncRAT Introduces a New Delivery Technique
AsyncRAT
2022-01-20MorphisecMichael Gorelik
@online{gorelik:20220120:log4j:99fd2e0, author = {Michael Gorelik}, title = {{Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk}}, date = {2022-01-20}, organization = {Morphisec}, url = {https://blog.morphisec.com/log4j-exploit-hits-again-vulnerable-vmware-horizon-servers-at-risk}, language = {English}, urldate = {2022-01-25} } Log4j Exploit Hits Again: Vulnerable VMWare Horizon Servers at Risk
Cobalt Strike
2021-11-23MorphisecHido Cohen, Arnold Osipov
@online{cohen:20211123:babadeda:ae0d0ac, author = {Hido Cohen and Arnold Osipov}, title = {{Babadeda Crypter targeting crypto, NFT, and DeFi communities}}, date = {2021-11-23}, organization = {Morphisec}, url = {https://blog.morphisec.com/the-babadeda-crypter-targeting-crypto-nft-defi-communities}, language = {English}, urldate = {2021-12-22} } Babadeda Crypter targeting crypto, NFT, and DeFi communities
Babadeda BitRAT LockBit Remcos
2021-10-28MorphisecHido Cohen, Michael Dereviashkin
@online{cohen:20211028:decaf:d22e18a, author = {Hido Cohen and Michael Dereviashkin}, title = {{DECAF Ransomware: A New Golang Threat Makes Its Appearance}}, date = {2021-10-28}, organization = {Morphisec}, url = {https://blog.morphisec.com/decaf-ransomware-a-new-golang-threat-makes-its-appearance}, language = {English}, urldate = {2021-11-03} } DECAF Ransomware: A New Golang Threat Makes Its Appearance
DECAF
2021-10-14MorphisecArnold Osipov
@online{osipov:20211014:explosive:d6c6eb7, author = {Arnold Osipov}, title = {{Explosive New MirrorBlast Campaign Targets Financial Companies}}, date = {2021-10-14}, organization = {Morphisec}, url = {https://blog.morphisec.com/explosive-new-mirrorblast-campaign-targets-financial-companies}, language = {English}, urldate = {2021-10-24} } Explosive New MirrorBlast Campaign Targets Financial Companies
MirrorBlast
2021-09-21MorphisecNadav Lorber
@online{lorber:20210921:new:117cc51, author = {Nadav Lorber}, title = {{New Jupyter Evasive Delivery through MSI Installer}}, date = {2021-09-21}, organization = {Morphisec}, url = {https://blog.morphisec.com/new-jupyter-evasive-delivery-through-msi-installer}, language = {English}, urldate = {2021-09-22} } New Jupyter Evasive Delivery through MSI Installer
solarmarker
2021-08-27MorphisecMorphisec Labs
@online{labs:20210827:proxyshell:a4650f1, author = {Morphisec Labs}, title = {{ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors}}, date = {2021-08-27}, organization = {Morphisec}, url = {https://blog.morphisec.com/proxyshell-exchange-exploitation-now-leads-to-an-increasing-amount-of-cobaltstrike-backdoors}, language = {English}, urldate = {2021-08-31} } ProxyShell Exchange Exploitation Now Leads To An Increasing Amount Of Cobaltstrike Backdoors
Cobalt Strike